Hacking-Paradise

Top 10 Network Security Tools

2006-11-13T12:19:00.000-08:00

After the tremendously successful 2000 and 2003 security tools surveys, Insecure.Org is delighted to release this 2006 survey. I (Fyodor) asked users from the nmap-hackers mailing list to share their favorite tools, and 3,243 people responded.

Here is the list of Top 10 nework security tools::::

Each tool is described by one ore more attributes:

	Did not appear on the 2003 list
/	Popularity ranking rose / fell the given number since the 2003 survey
	Generally costs money. A free limited/demo/trial version may be available.
	Works natively on Linux
	Works natively on OpenBSD, FreeBSD, Solaris, and/or other UNIX variants
	Works natively on Apple Mac OS X
	Works natively on Microsoft Windows
	Features a command-line interface
	Offers a GUI (point and click) interface
	Source code available for inspection.

Nessus : Premier UNIX vulnerability assessment tool
Nessus is the best free network vulnerability scanner available, and the best to run on UNIX at any price. It is constantly updated, with more than 11,000 plugins for the free (but registration and EULA-acceptance required) feed. Key features include remote and local (authenticated) security checks, a client/server architecture with a GTK graphical interface, and an embedded scripting language for writing your own plugins or understanding the existing ones. Nessus 3 is now closed source, but is still free-of-cost unless you want the very newest plugins.

See all vulnerability scanners

Wireshark : Sniffing the glue that holds the Internet together
Wireshark (known as Ethereal until a trademark dispute in Summer 2006) is a fantastic open source network protocol analyzer for Unix and Windows. It allows you to examine data from a live network or from a capture file on disk. You can interactively browse the capture data, delving down into just the level of packet detail you need. Wireshark has several powerful features, including a rich display filter language and the ability to view the reconstructed stream of a TCP session. It also supports hundreds of protocols and media types. A tcpdump-like console version named tethereal is included. One word of caution is that Ethereal has suffered from dozens of remotely exploitable security holes, so stay up-to-date and be wary of running it on untrusted or hostile networks (such as security conferences).

See all packet sniffers

Snort : A Everyone's favorite open source IDS
This lightweight network intrusion detection and prevention system excels at traffic analysis and packet logging on IP networks. Through protocol analysis, content searching, and various pre-processors, Snort detects thousands of worms, vulnerability exploit attempts, port scans, and other suspicious behavior. Snort uses a flexible rule-based language to describe traffic that it should collect or pass, and a modular detection engine. Also check out the free Basic Analysis and Security Engine (BASE), a web interface for analyzing Snort alerts.

Open source Snort works fine for many individuals, small businesses, and departments. Parent company SourceFire offers a complimentary product line with more enterprise-level features and real-time rule updates. They offer a free (with registration) 5-day-delayed rules feed, and you can also find many great free rules at Bleeding Edge Snort.

See all intrusion detection systems

Netcat : The network Swiss army knife
This simple utility reads and writes data across TCP or UDP network connections. It is designed to be a reliable back-end tool that can be used directly or easily driven by other programs and scripts. At the same time, it is a feature-rich network debugging and exploration tool, since it can create almost any kind of connection you would need, including port binding to accept incoming connections. The original Netcat was released by Hobbit in 1995, but it hasn't been maintained despite its immense popularity. It can sometimes even be hard to find nc110.tgz. The flexibility and usefulness of this tool have prompted people to write numerous other Netcat implementations - often with modern features not found in the original. One of the most interesting is Socat, which extends Netcat to support many other socket types, SSL encryption, SOCKS proxies, and more. It even made this list on its own merits. There is also Chris Gibson's Ncat, which offers even more features while remaining portable and compact. Other takes on Netcat include OpenBSD's nc, Cryptcat, Netcat6, PNetcat, SBD, and so-called GNU Netcat.

See all Netcats

Metasploit Framework : Hack the Planet
Metasploit took the security world by storm when it was released in 2004. No other new tool even broke into the top 15 of this list, yet Metasploit comes in at #5, ahead of many well-loved tools that have been developed for more than a decade. It is an advanced open-source platform for developing, testing, and using exploit code. The extensible model through which payloads, encoders, no-op generators, and exploits can be integrated has made it possible to use the Metasploit Framework as an outlet for cutting-edge exploitation research. It ships with hundreds of exploits, as you can see in their online exploit building demo. This makes writing your own exploits easier, and it certainly beats scouring the darkest corners of the Internet for illicit shellcode of dubious quality. Similar professional exploitation tools, such as Core Impact and Canvas already existed for wealthy users on all sides of the ethical spectrum. Metasploit simply brought this capability to the masses.

See all vulnerability exploitation tools

Hping2 : A network probing utility like ping on steroids
This handy little utility assembles and sends custom ICMP, UDP, or TCP packets and then displays any replies. It was inspired by the ping command, but offers far more control over the probes sent. It also has a handy traceroute mode and supports IP fragmentation. This tool is particularly useful when trying to traceroute/ping/probe hosts behind a firewall that blocks attempts using the standard utilities. This often allows you to map out firewall rulesets. It is also great for learning more about TCP/IP and experimenting with IP protocols.

See all packet crafting tools

#7
10

Kismet : A powerful wireless sniffer
Kismet is an console (ncurses) based 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. It identifies networks by passively sniffing (as opposed to more active tools such as NetStumbler), and can even decloak hidden (non-beaconing) networks if they are in use. It can automatically detect network IP blocks by sniffing TCP, UDP, ARP, and DHCP packets, log traffic in Wireshark/TCPDump compatible format, and even plot detected networks and estimated ranges on downloaded maps. As you might expect, this tool is commonly used for wardriving. Oh, and also warwalking, warflying, and warskating, ...

See all wireless tools, and packet sniffers

#8
3

Tcpdump : The classic sniffer for network monitoring and data acquisition
Tcpdump is the IP sniffer we all used before Ethereal (Wireshark) came on the scene, and many of us continue to use it frequently. It may not have the bells and whistles (such as a pretty GUI or parsing logic for hundreds of application protocols) that Wireshark has, but it does the job well and with fewer security holes. It also requires fewer system resources. While it doesn't receive new features often, it is actively maintained to fix bugs and portability problems. It is great for tracking down network problems or monitoring activity. There is a separate Windows port named WinDump. TCPDump is the source of the Libpcap/WinPcap packet capture library, which is used by Nmap among many other tools.

See all packet sniffers

#9
23

Cain and Abel : The top password recovery tool for Windows
UNIX users often smugly assert that the best free security tools support their platform first, and Windows ports are often an afterthought. They are usually right, but Cain & Abel is a glaring exception. This Windows-only password recovery tool handles an enormous variety of tasks. It can recover passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols. It is also well documented.

See all password crackers, and packet sniffers

#10
1

John the Ripper : A powerful, flexible, and fast multi-platform password hash cracker
John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types which are most commonly found on various Unix flavors, as well as Kerberos AFS and Windows NT/2000/XP LM hashes. Several other hash types are added with contributed patches. You will want to start with some wordlists, which you can find here, here, or here.

See all password crackers

Books on hacking!!!

2006-11-09T13:40:00.000-08:00

Welcome To Hacker's Longue....

2006-11-09T12:46:00.000-08:00

This site is dedicated to all those who want to learn hacking.

Hacking is a term used to describe the act of penetrating a closed computer system for the knowledge and information that is contained within. As cyber crime has ensued, the term “hack” has taken on negative meaning and has lost association with the true principles that it was founded on.

In this Blog you will find almost each and everything required to become a good hacker.I will assist you at all steps.

This Blog is for those people, who want to learn some hacking stuff, and if they know , then they can also share there hacking ideas.

Can Emails Be Hacked?

Yes. As a matter of fact, almost anything can be hacked in the Internet. The problem is that email accounts are the repositories were people store their private information or even their business data. It is a quite serious condition and most of the mail providers have taken some measures for stopping it. Unfortunately, users don't take them seriously and they don't follow the precautions.

There are several methods for hacking yahoo, msn or AOL email accounts. One of these methods is social engineering. Considered a revolutionary art among the hacker community, it has proven to be an interesting tool that can be exploited by anyone.

Social engineering consists in the ability to trick someone in believing that he is giving information to someone who has the authority to ask for it. The most common way to do it is through the telephone or via the internet. Let's say that a user receives a call from someone who identifies himself as a system administrator of his company and that he requires some information that could be considered harmless.

It's quite probable that that bit of information is the final piece that the hacker required for finishing his work. Something as innocent as when was the last time that the system asked the user to change his password could be used by him in his advantage.

A quite ingenious method within social engineering was a webpage were users required to enter their mail and password for finding if someone had deleted or blocked them from their Instant Messenger (IM). Unfortunately, many fell under this scheme. Hacking yahoo messenger or any other messenger is quite easy if you find how to exploit the user's needs.

Methods of attack

Password cracking doesn't always involve sophisticated tools. It can be as simple as finding a sticky note with the password written on it stuck right to the monitor or hidden under a keyboard. Another crude technique is known as "dumpster diving," which basically involves an attacker going through your garbage to find discarded documentation that may contain passwords.

Of course attacks can involve far greater levels of sophistication. Here are some of the more common techniques used in password cracking:

Dictionary attack
A simple dictionary attack is by far the fastest way to break into a machine. A dictionary file (a text file full of dictionary words) is loaded into a cracking application (such as L0phtCrack), which is run against user accounts located by the application. Because the majority of passwords are often simplistic, running a dictionary attack is often sufficient to to the job.
Hybrid attack
Another well-known form of attack is the hybrid attack. A hybrid attack will add numbers or symbols to the filename to successfully crack a password. Many people change their passwords by simply adding a number to the end of their current password. The pattern usually takes this form: first month password is "cat"; second month password is "cat1"; third month password is "cat2"; and so on.
Brute force attack
A brute force attack is the most comprehensive form of attack, though it may often take a long time to work depending on the complexity of the password. Some brute force attacks can take a week depending on the complexity of the password. L0phtcrack can also be used in a brute force attack.

Methods of Cracking Email Passwords

As mentioned earlier, one of the most successful method is achieved with the used of keyloggers and spy software. There are lots of spyware, logging tools available today such as 007, RemoteSpy, Netvizor, Email Spy, Chat Spy, Spector Pro, eBlaster, Invisible Keylogger, to name a few. This software will create a self extracting or installation file, you can then run it in the computer for surveillance, or email it to your target. The only question is, how can you convinced the recipient to open it?

Most hackers does not really hacking passwords by penetrating Yahoo, Hotmail, Gmail, and AOL servers, instead they will go for the easy way - the end user, that's you. It's not what you see on the movies such like "Hackers," "SwordFish," and so on. Too good to be true! They don't actually hack, but logs every stroke on your keyboard including the passwords you have input.

Brute Force/Dictionary Attack:

This method isn’t hacking; it’s software that is ruled by chance in hope that the password is a simple, common word such as “tree” or “dog”. What’s worse, this method is limited to only English terms, whereas many account passwords are in another language. This method, at most, is 15% successful. On top of that it is highly noticeable and traceable; every failed attempt is recorded by the email provider and later analyzed, so if you are employing someone who uses this method, I would suggest you get out of the arrangement expediently.

THIS BLOG IS UNDER CONSTRUCTION....